<?php
	if(/*isset($_REQUEST['submit']) && */isset($_REQUEST['author_code'])){
		session_start();
		
		if(strtolower($_REQUEST['author_code']) == $_SESSION['author_code'])
		{
			$username = $_REQUEST['username'];
			$password = $_REQUEST['password'];
			@$db = new mysqli('localhost',"$username","$password",'test');
			if ($db->connect_error) {
				die('Connect Error (' . $db->connect_errno . ') '
					. $db->connect_error);
			}
			$sql = "select *from student";
			$result = $db->query($sql);
			while($row = $result->fetch_assoc())
			{
				print_r($row);
				echo "<br />";
}
				}
	else 
	echo '<p>enter falsely';
	exit();
	}
?>





<!DOCTYPE html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<title> show database </title>
	</head>
	<body>
		<form method = "post" action = "./form.php">
			<p>username:<input type = "text" name = "username" value = '' /> </p>
			<p>password:<input type = "password" name = "password" value ='' /></p>
			<p>captcha: <img border = "1" src = "./captcha.php" width = '100' height = '30'/></p>
			<p>please enter :<input type = "text" name = "author_code" value = '' /> </p>
			<p><input type = "submit" value = "submit" style = "padding:6px 20px" /> </p>
		</form>
	</body>
</html>